Re: [httpslocal/proposals] Extended origins for non-unique names (#1) from Tatsuya Igarashi on 2018-06-28 (public-httpslocal@w3.org from June 2018)

From: Tatsuya Igarashi <notifications@github.com>
Date: Wed, 27 Jun 2018 23:44:43 -0700
To: httpslocal/proposals <proposals@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <httpslocal/proposals/issues/1/400929846@github.com>

@martinthomson your proposal of  "extended origin for local ___domain" is interesting.

The proposal seems to work well in the case that there is no rogue device in the home network. But there is a concern of the "secure-origin".  One of the issues is how a user can trust a non-owned device in public local network such as office and hotel.  I am a proponent of  using a genuine Web PKI certificate for local server as [my idea](https://www.w3.org/wiki/images/6/6c/TPAC2016_Local_Discovery_and_HTTPS.pdf). Does it make sense that FireFox shows "green  padlock" as like below if a device has a genuine Web PKI certificate?

![secure_local_device](https://user-images.githubusercontent.com/28719248/42016428-72c8e5fc-7ae6-11e8-81f2-81f901f5696f.png)








-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/httpslocal/proposals/issues/1#issuecomment-400929846

Received on Thursday, 28 June 2018 06:45:16 UTC